Enable Potentially Unwanted Program protection: GPO, Regedit, PowerShell

Microsoft now lets you add protection against Potentially Unwanted Programs (PUPs), also called Potentially Unwanted Applications (PUA), to Windows Defender on Windows 10. You need to edit Group Policy or the Registry, or use PowerShell.

Microsoft announced this feature only for Enterprise users, but with a little work you can make it work on your Windows 10/8/7 PCs as well.

The Potentially Unwanted Application protection feature is available only for enterprise customers.  If you are already one of Microsoft’s existing enterprise customers, you need to opt-in to enable and use PUA protection. PUA protection updates are included as part of the existing definition updates and cloud protection for Microsoft’s enterprise customers, says Microsoft.

A Potentially Unwanted Application (PUA) or PUP is a threat classification based on reputation and research-driven identification. These are typically crapware or bundleware, the kind of software you really do not want on your system and that may do more harm than good. You can protect yourself from PUAs or PUPs by deploying an antimalware policy. The protection policy setting is disabled by default.

Read: Windows 10 will block unwanted software based on these criteria.

Enable Potentially Unwanted Programs Protection in Windows 10

Make Windows Defender block Potentially Unwanted Programs

To do this, you have to edit the Windows Registry. The registry key differs according to your product version, and is different for System Center Endpoint Protection, Forefront Endpoint Protection, Microsoft Security Essentials or Windows Defender, as shown in the image above.

PUA protection will quarantine the PUP file and prevent it from running if it meets one of the following conditions:

  1. The file is being scanned from the browser
  2. The file has the Mark of the Web set
  3. The file is in the %Downloads% folder
  4. Or the file is in the %temp% folder.

Before you begin, you should know that Windows 10 now lets you disable or enable protection against Potentially Unwanted Applications (PUA) using Windows Security.

Using Group Policy

  1. Open gpedit.msc and navigate to the following location:
  2. Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus
  3. Double-click Configure protection for potentially unwanted applications.
  4. Select Enabled to enable PUA protection.
  5. In Options, select Block to block potentially unwanted applications, or select Audit Mode to test how the setting will work in your environment.
  6. Select OK.

Restart your system.

Using the Registry

To make Windows Defender protect you against Potentially Unwanted Programs, Run regedit to open the Registry Editor and navigate to the following key:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender

Enable Potentially Unwanted Programs (PUP) protection in Windows Defender

Here, right-click Windows Defender, select New > Key, and name it MpEngine.

Now right-click MpEngine, select New > DWORD (32-bit) Value, name it MpEnablePus and give it the value 1.

  • With a value of 0, which is the default, Potentially Unwanted Application protection is disabled.
  • With a value of 1, Potentially Unwanted Application protection is enabled. Applications with unwanted behavior will be blocked at download and install time.

Restart your Windows computer.

Using PowerShell

You can also use a PowerShell cmdlet to configure PUA protection. Use the following command:

Set-MpPreference -PUAProtection <PUAProtectionType>

Options for <PUAProtectionType>:

  • Set the value for this cmdlet to Enabled to turn the feature on.
  • Set it to AuditMode to only detect but not block PUAs.
  • Set it to Disabled to turn off PUA protection.
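
The following script is an added example, not part of the original article. It reports the PUA state from both the registry policy value and the Set-MpPreference setting described above, then applies a mode and confirms it took effect. Get-PuaState and Set-PuaState are hypothetical helper names, and the numeric mapping 0/1/2 for the PUAProtection property is the one Get-MpPreference reports.

```powershell
#Requires -RunAsAdministrator
# Added example: audit and set the PUA protection state covered on this page.
# Get-PuaState / Set-PuaState are hypothetical helper names, not Defender cmdlets.

$PolicyKey = 'HKLM:\Software\Policies\Microsoft\Windows Defender\MpEngine'
$ModeNames = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'AuditMode' }

function Get-PuaState {
    # Registry policy value from "Using the Registry" (absent means not configured).
    $policy = $null
    if (Test-Path $PolicyKey) {
        $policy = (Get-ItemProperty -Path $PolicyKey -Name MpEnablePus `
                   -ErrorAction SilentlyContinue).MpEnablePus
    }
    # Preference written by Set-MpPreference -PUAProtection.
    $pref = [int](Get-MpPreference).PUAProtection
    [pscustomobject]@{
        PolicyMpEnablePus = if ($null -eq $policy) { 'NotConfigured' } else { $policy }
        PreferenceValue   = $pref
        PreferenceMode    = $ModeNames[$pref]
    }
}

function Set-PuaState {
    param(
        [Parameter(Mandatory)]
        [ValidateSet('Enabled', 'AuditMode', 'Disabled')]
        [string]$Mode
    )
    $before = Get-PuaState
    Set-MpPreference -PUAProtection $Mode
    $after = Get-PuaState
    # Read the value back: a mismatch means the change did not take effect.
    if ($after.PreferenceMode -ne $Mode) {
        Write-Warning "Requested $Mode but the preference reads $($after.PreferenceMode)."
    }
    [pscustomobject]@{ Before = $before.PreferenceMode; After = $after.PreferenceMode }
}

# Start in audit mode to see what would be flagged, then switch to Enabled.
Set-PuaState -Mode AuditMode
Get-PuaState | Format-List
```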

In Windows 10, the following dialog box will be displayed when a PUP file is blocked:


If you want to make sure the PUA feature has been enabled and is working correctly, you can visit amtso.org, click the Download the Potentially Unwanted Application test file link, and check whether it is automatically blocked from downloading or running.

You can manage Quarantined items and remove or restore files from Quarantine in Windows Defender.

TIP: If you think a program you developed has been wrongfully identified as PUA, you can submit the file here.

Related read: Enable Potentially Unwanted Application (PUA) protection in Edge browser.

This post shows how you can harden Windows Defender protection to the highest levels on Windows 10 by changing a few Group Policy settings.



About the author

I am a software engineer and explorer. I have experience with both Microsoft Xbox 360 and Google Explorer. I can provide expert advice on certain software development tools, as well as help people troubleshoot common Explorer errors.


